It isn't clear that any numbers were actually stolen, only that people broke into the computer and that it actually had the credit card numbers on-line.
Of course, I think Western Union should be held liable anyway: their poor security is causing their customers and credit card companies a lot of effort and expense, whether the cards were stolen or not. Keeping personal information, in particular credit card numbers, on a system that is accessible from the Internet is grossly negligent.
Yes, companies don't retrain much. But that has nothing to do with the time or expense required by retraining. It has to do with the attitude of applicants who expect their company to train them.
Today, anybody can learn the hottest technologies (e.g., Linux, Win32, Python, Perl, VC++, C++, UML, Java, Apache) by going to the web and doing stuff on their home computer. They can even make a name for themselves by contributing to, or leading, open source projects. That's different from the past, where learning new technologies required expensive hardware and software, and where documentation and information was scarce; in the past, the primary institutions that could provide professional training were companies.
Systems and software jobs these days require that everybody on the team has a good understanding of techniques and tools out there that are relevant to the problem. That requires that each and every one stays informed and up to date with their field. That's a hallmark of professionalism. People who apply and expect the company to figure out what they need to know and retrain them accordingly are turned down not because of the time and expense of retraining, but because the notion that the company should provide training for widely available technologies is seen as unprofessional: it suggests that the employee would lack the initiative and interest to function well in the long run.
Sellers traditionally give discounts to volume buyers because the transaction costs per unit are lower. That shouldn't make a big difference on the web.
What Amazon (and other retailers) are really trying to achieve is to raise the cost of making an informed buying decision so much that you'll give in and pay a higher price or become part of some "discount program".
And, yes, you are right: this isn't new to Internet-based sales. Phone companies and others have been doing it for years. That doesn't make it right.
Efficient markets rely on orderly transactions. That's true in the stock market as well as in the consumer market. The more these kinds of practices take hold, the less transparent pricing becomes, the less efficient the market gets. And that's ultimately bad for the economy.
Not necessarily. The argument is that Napster is a commercial enterprise and derives commercial gain from supporting the distribution of copyrighted work.
The deal underlying this kind of legislation is that consumers are legally permitted to make copies for non-commercial use. That's the deal in Germany, and that's the deal in the US (where similar taxes exist on digital media like CD-R's).
So, unless you copy for commercial purposes, it isn't "warez" and it isn't "without permission". You have permission. Go and copy to your heart's content. As I understand the law, you can even give copies to all your friends, as long as you don't charge for it.
"Time shifting is fine" can mean many things. In particular, if copy protection measures are implemented, it can be tightly controlled. Sorry, you can only time-shift one movie at a time. Sorry, you can't edit out or skip the commercials. Sorry, you can't take it with you into your car.
As for archival storage, CD-R is probably the most archival storage available to consumers right now. Magnetic media are less reliable.
Why should companies get a license to make proprietary software with free toolkits? If your goal is to make the free toolkit an industry standard, the reason is that allowing them to do so makes your toolkit more likely to be accepted. It's not a moral obligation, it's a choice the toolkit author makes. It's a basic, free-market choice: lower the price to get more market share. And at $1500 vs. $0, that's a significant incentive.
LGPL is a good license for an open source or free software GUI toolkit if it furthers the goals of open source or free software. I think it does.
Licenses aren't just about politics, they are about money and risk. And any engineer needs to think about money and risk. That's a big part of what engineering is about.
honest license, but probably not competitive
on
Qt Going GPL
·
· Score: 2
I congratulate Troll Tech for doing "the right thing"; I thought the QPL was dishonest and misleading, and releasing Qt under a GPL license (with an option to license for commercial use) rectifies this. It must have been a hard decision, because it is difficult to predict how it will affect their revenue stream.
But ultimately, I think it won't help much. GTK+ is covered by the LGPL, and there are nearly a dozen other free toolkits out there that can be used for both free and commercial software without paying anyone anything. Qt is competing against software that is much cheaper (i.e., free) for commercial usage, and the cheap competition is pretty good.
Another issue that now needs to be revisited is what happens to commercial users of Qt if Troll Tech goes out of business or stops development. Will the FreeQt foundation continue to exist? In the past, it attempted to guarantee that a BSD-style version of Qt would be available.
I agree that the strategic issues are very important to companies.
But so is cost. I have worked at both large and small companies. $1500/developer is a lot of money, and you don't get a whole lot for it with Qt compared, say, to an MSDN subscription.
The question is whether those are, actually, original works. The way it currently appears, neither VOS nor VMWare "invented" anything particularly new, they merely implemented a well understood concept (virtualization) on a widespread processor (the x86). In the process, they solved some engineering problems that should be obvious to any skilled engineer. Any software engineer faced with the problem of "virtualize the x86" would likely come up with similar solutions, and that kind of problem solving would probably only constitute a small part of the overall R&D effort.
So, should we grant them a monopoly over the virtual machine market for the x86 for being the first to market and doing an OK engineering job? I don't think so. Doing so would inhibit genuine innovation and increase costs.
While one can make an argument that protecting new ideas with patents encourages innovation, merely handing out monopolies on market niches clearly does not. Quite to the contrary: it keeps others from coming up with genuinely new ideas in a particular market segment, it makes the company holding the patent complacent, and it represents government interference with the mechanisms of the free market.
I don't know about others, but I prefer Linux because it does less and uses "old" technologies like text mode interfaces. I also prefer Linux because its APIs change less quickly than Windows. The changes from NT 4.0 to Windows 2000 generally make the situation worse, not better.
Besides that, I have run Windows 2000 and Linux side-by-side for a few months. Windows 2000 is a bit more stable than Windows NT 4.0, has more up-to-date Win32 APIs, runs better on laptops, and the UI is a bit more consistent. The server edition comes with more software. Other than that, I think most users won't see a lot of difference.
The biggest thing about Windows 2000 from my point of view is the Active Directory stuff, and that's an unmitigated disaster: not only does it play havoc with mixed UNIX/Windows installations, I think its directory model is poorly suited to non-hierarchical management structures.
Don't underestimate the marketing value of Windows, though: on the surface, it looks like a coherent solution of integrated technologies that address most of a business's needs. It's only after a company has committed to it that they discover that actually deploying and maintaining it probably requires a bigger hodgepodge of local hacks and third party tools than Linux would, and at a much higher cost. Let's hope that there will be more Linux and BSD distributions that target the Microsoft client and server market more directly. In particular, on the server side, something like RedHat isn't streamlined enough yet to have the same appeal as Windows 2000 to non-technical business folks.
In general, it's good to publish and disclose ideas related to projects like Bochs and Plex86 early on. So, before you write any line of code, write down all the random and potentially useful ideas you have related to the implementation and make an official disclosure to the patent office.
This will protect the ideas from getting patented before you get around to implementing them. It may help infringement claims even after you have written the code, since a disclosure may be looked on more favorably by the courts than a few thousand lines of code.
As for these specific patents, once their patents are filed, there is really little that can be done. Let's hope that the ample prior art in IBM, Bochs, VMWare, emulators, and Plex86 will be sufficient to strike any claims from the patents that interfere with free software once they are issued.
The list of RFCs for Perl 6 is pretty long. The changes look like they address a lot of the problems people have had with Perl. But how compatible is Perl 6 going to be with Perl 5? Will most packages/scripts need to be rewritten? Will the C extensions of Perl 5 need to be rewritten? I didn't see anything in the Perl 6 materials on the site that answered these questions (but maybe Larry addressed it in his speech).
I'm making no such assumptions. To the contrary, I would hope that any good CS graduate from a top school should know how to break into a UNIX or NT system. Just like picking locks (another skill anybody from a good university should know, IMO), breaking into UNIX or NT systems isn't rocket science. It's pretty straightforward, dull, mechanical stuff, or social engineering. And little has changed there over the last couple of decades.
People have ample opportunity to practice those skills on-campus, in situations where they are not likely to get a felony conviction. It's when people direct that kind of effort against e-commerce, military, and financial sites and when they obtain credit card numbers and other sensitive information, that it suggests both an anti-social inclination and a lack of good sense. Whether they also have a good education or not has nothing to do with it.
That's basically the distinction between "crackers" and "hackers". Both crackers and hackers may enjoy a good beer afterwards, and both may know how to break into any system, but I would hire a hacker to work on security. I wouldn't hire a cracker.
I don't think this is a problem just with the Internet. Why do I have to pay taxes if I mail order from a company within California but not from a company outside California? And why should I pay taxes when I mail-order from Cody's but not from Barnes and Noble?
I think the only way to achieve fairness would be either to have a nationwide, uniform sales tax that would be collected by the federal government and then apportioned to the states, or to abolish the sales tax altogether. Of course, hell will freeze over before some states would agree to either of those.
With the current non-uniform method, states without a sales tax, as well as mail order stores, are freeloading: both companies and residents end up using resources (roads, airports, etc.) that others pay for. Imagine, for example, how New Hampshire would do if the people in NH couldn't come to work in MA or if MA shoppers couldn't drive up to NH.
As for the "Internet Tax" bill, if it applies uniformly to any kind of mail order, that's fine with me. If it applies only to orders placed through the Internet, that seems stupid.
Security firms seem to think that hiring people who have broken into other people's machines and caused damage somehow gets them very experienced security folks. I think that's silly.
Crackers usually know about a lot of concrete security holes and can help companies fix them. But that's the wrong approach, and it is in part responsible for the poor state of computer security today. Making computers secure requires more fundamental changes than patching a few holes around the edges: it requires new system architectures, cryptographic methods, clear design, and better programming languages. Linux, *BSD, or Windows NT will never be really secure.
Of course, in the short term, all that patching and exploring is lucrative. But if you really want to help make computers secure in the long run, get a good education and stop breaking in.
As I was saying, you may be able to challenge the agreement on various grounds (including asserting that "it's a sale"), but that doesn't mean that there was no agreement to begin with. An unconscionable or otherwise invalid contract is still a contract until it has been found unenforceable. And in practical terms, some terms of EULAs seem to be enforceable, and UCITA promises to make this even stronger. You consider such agreements "meaningless" at your own risk.
That would defeat the purpose of patents. The purpose of patents is to encourage you to share your invention. The carrot society provides is limited-time protection. If you keep your invention to yourself, you are not entitled to patent protection.
Anti-patents already exist. They are called disclosures. You can disclose in a journal (some corporations have journals dedicated to the task), or you can send a disclosure to the patent office. If you want to know more about the process, get a copy of "Patent It Yourself" from Nolo Press (good reading anyway).
An open source-related patents effort might be useful, however: creating an organization that uses its patents to trade with commercial patent holders to get them to license their patents for open source use.
The FSF's concern is with software, not with other kinds of intellectual property. And the primary concern is that people should be able to build on each other's software, which is different from an information free-for-all.
The problem with the current system of patents and copyrights is not that people make money with it, but that it means that it creates a web of dependencies and near-monopolies that customers get caught up in. That is clearly not desirable, least of all in a capitalist economy.
The beauty of the FSF is that it may win through market mechanisms: proprietary software causes lots of problems for its users in a free market and free society. Rather than being anti-free market, free software may ultimately what makes the software market efficient. The only thing it needs to be protected from is legal trickery, like claiming patents and copyrights on trivial aspects of commercial software.
I believe one or more companies have patented the "idea" of using barcodes in printed advertising to link consumers to web sites, and to allow price comparisons. They are probably referring to some kind of patent in this space.
It's not that simple. People don't just "buy" the EQ client. The software is subject to a license agreement and the service is subject to a service agreement. Both of those are legally binding contracts, and as part of agreeing to them, you may be agreeing to limit what you can and cannot do.
There are a variety of things that could be challenged about such an agreement and there are many clauses companies routinely put into contracts that aren't enforceable or that don't make sense. But if you choose to violate the letter of some contract you are a party to, you better have a good idea beforehand why you should be able to do what you are doing. Otherwise, you may be facing a lot of liability.
Slashdot Mirror
Of course, I think Western Union should be held liable anyway: their poor security is causing their customers and credit card companies a lot of effort and expense, whether the cards were stolen or not. Keeping personal information, in particular credit card numbers, on a system that is accessible from the Internet is grossly negligent.
Today, anybody can learn the hottest technologies (e.g., Linux, Win32, Python, Perl, VC++, C++, UML, Java, Apache) by going to the web and doing stuff on their home computer. They can even make a name for themselves by contributing to, or leading, open source projects. That's different from the past, where learning new technologies required expensive hardware and software, and where documentation and information was scarce; in the past, the primary institutions that could provide professional training were companies.
Systems and software jobs these days require that everybody on the team has a good understanding of techniques and tools out there that are relevant to the problem. That requires that each and every one stays informed and up to date with their field. That's a hallmark of professionalism. People who apply and expect the company to figure out what they need to know and retrain them accordingly are turned down not because of the time and expense of retraining, but because the notion that the company should provide training for widely available technologies is seen as unprofessional: it suggests that the employee would lack the initiative and interest to function well in the long run.
Sellers traditionally give discounts to volume buyers because the transaction costs per unit are lower. That shouldn't make a big difference on the web.
And, yes, you are right: this isn't new to Internet-based sales. Phone companies and others have been doing it for years. That doesn't make it right.
Efficient markets rely on orderly transactions. That's true in the stock market as well as in the consumer market. The more these kinds of practices take hold, the less transparent pricing becomes, the less efficient the market gets. And that's ultimately bad for the economy.
Not necessarily. The argument is that Napster is a commercial enterprise and derives commercial gain from supporting the distribution of copyrighted work.
So, unless you copy for commercial purposes, it isn't "warez" and it isn't "without permission". You have permission. Go and copy to your heart's content. As I understand the law, you can even give copies to all your friends, as long as you don't charge for it.
I haven't had cable in years, and it's just fine with me. When I want to watch a movie, I rent it, and usually watch it with friends.
As for archival storage, CD-R is probably the most archival storage available to consumers right now. Magnetic media are less reliable.
LGPL is a good license for an open source or free software GUI toolkit if it furthers the goals of open source or free software. I think it does.
Licenses aren't just about politics, they are about money and risk. And any engineer needs to think about money and risk. That's a big part of what engineering is about.
But ultimately, I think it won't help much. GTK+ is covered by the LGPL, and there are nearly a dozen other free toolkits out there that can be used for both free and commercial software without paying anyone anything. Qt is competing against software that is much cheaper (i.e., free) for commercial usage, and the cheap competition is pretty good.
Another issue that now needs to be revisited is what happens to commercial users of Qt if Troll Tech goes out of business or stops development. Will the FreeQt foundation continue to exist? In the past, it attempted to guarantee that a BSD-style version of Qt would be available.
But so is cost. I have worked at both large and small companies. $1500/developer is a lot of money, and you don't get a whole lot for it with Qt compared, say, to an MSDN subscription.
So, should we grant them a monopoly over the virtual machine market for the x86 for being the first to market and doing an OK engineering job? I don't think so. Doing so would inhibit genuine innovation and increase costs.
While one can make an argument that protecting new ideas with patents encourages innovation, merely handing out monopolies on market niches clearly does not. Quite to the contrary: it keeps others from coming up with genuinely new ideas in a particular market segment, it makes the company holding the patent complacent, and it represents government interference with the mechanisms of the free market.
Besides that, I have run Windows 2000 and Linux side-by-side for a few months. Windows 2000 is a bit more stable than Windows NT 4.0, has more up-to-date Win32 APIs, runs better on laptops, and the UI is a bit more consistent. The server edition comes with more software. Other than that, I think most users won't see a lot of difference.
The biggest thing about Windows 2000 from my point of view is the Active Directory stuff, and that's an unmitigated disaster: not only does it play havoc with mixed UNIX/Windows installations, I think its directory model is poorly suited to non-hierarchical management structures.
Don't underestimate the marketing value of Windows, though: on the surface, it looks like a coherent solution of integrated technologies that address most of a business's needs. It's only after a company has committed to it that they discover that actually deploying and maintaining it probably requires a bigger hodgepodge of local hacks and third party tools than Linux would, and at a much higher cost. Let's hope that there will be more Linux and BSD distributions that target the Microsoft client and server market more directly. In particular, on the server side, something like RedHat isn't streamlined enough yet to have the same appeal as Windows 2000 to non-technical business folks.
This will protect the ideas from getting patented before you get around to implementing them. It may help infringement claims even after you have written the code, since a disclosure may be looked on more favorably by the courts than a few thousand lines of code.
As for these specific patents, once their patents are filed, there is really little that can be done. Let's hope that the ample prior art in IBM, Bochs, VMWare, emulators, and Plex86 will be sufficient to strike any claims from the patents that interfere with free software once they are issued.
The list of RFCs for Perl 6 is pretty long. The changes look like they address a lot of the problems people have had with Perl. But how compatible is Perl 6 going to be with Perl 5? Will most packages/scripts need to be rewritten? Will the C extensions of Perl 5 need to be rewritten? I didn't see anything in the Perl 6 materials on the site that answered these questions (but maybe Larry addressed it in his speech).
People have ample opportunity to practice those skills on-campus, in situations where they are not likely to get a felony conviction. It's when people direct that kind of effort against e-commerce, military, and financial sites and when they obtain credit card numbers and other sensitive information, that it suggests both an anti-social inclination and a lack of good sense. Whether they also have a good education or not has nothing to do with it.
That's basically the distinction between "crackers" and "hackers". Both crackers and hackers may enjoy a good beer afterwards, and both may know how to break into any system, but I would hire a hacker to work on security. I wouldn't hire a cracker.
I think the only way to achieve fairness would be either to have a nationwide, uniform sales tax that would be collected by the federal government and then apportioned to the states, or to abolish the sales tax altogether. Of course, hell will freeze over before some states would agree to either of those.
With the current non-uniform method, states without a sales tax, as well as mail order stores, are freeloading: both companies and residents end up using resources (roads, airports, etc.) that others pay for. Imagine, for example, how New Hampshire would do if the people in NH couldn't come to work in MA or if MA shoppers couldn't drive up to NH.
As for the "Internet Tax" bill, if it applies uniformly to any kind of mail order, that's fine with me. If it applies only to orders placed through the Internet, that seems stupid.
Crackers usually know about a lot of concrete security holes and can help companies fix them. But that's the wrong approach, and it is in part responsible for the poor state of computer security today. Making computers secure requires more fundamental changes than patching a few holes around the edges: it requires new system architectures, cryptographic methods, clear design, and better programming languages. Linux, *BSD, or Windows NT will never be really secure.
Of course, in the short term, all that patching and exploring is lucrative. But if you really want to help make computers secure in the long run, get a good education and stop breaking in.
As I was saying, you may be able to challenge the agreement on various grounds (including asserting that "it's a sale"), but that doesn't mean that there was no agreement to begin with. An unconscionable or otherwise invalid contract is still a contract until it has been found unenforceable. And in practical terms, some terms of EULAs seem to be enforceable, and UCITA promises to make this even stronger. You consider such agreements "meaningless" at your own risk.
That would defeat the purpose of patents. The purpose of patents is to encourage you to share your invention. The carrot society provides is limited-time protection. If you keep your invention to yourself, you are not entitled to patent protection.
An open source-related patents effort might be useful, however: creating an organization that uses its patents to trade with commercial patent holders to get them to license their patents for open source use.
The problem with the current system of patents and copyrights is not that people make money with it, but that it means that it creates a web of dependencies and near-monopolies that customers get caught up in. That is clearly not desirable, least of all in a capitalist economy.
The beauty of the FSF is that it may win through market mechanisms: proprietary software causes lots of problems for its users in a free market and free society. Rather than being anti-free market, free software may ultimately what makes the software market efficient. The only thing it needs to be protected from is legal trickery, like claiming patents and copyrights on trivial aspects of commercial software.
I believe one or more companies have patented the "idea" of using barcodes in printed advertising to link consumers to web sites, and to allow price comparisons. They are probably referring to some kind of patent in this space.
There are a variety of things that could be challenged about such an agreement and there are many clauses companies routinely put into contracts that aren't enforceable or that don't make sense. But if you choose to violate the letter of some contract you are a party to, you better have a good idea beforehand why you should be able to do what you are doing. Otherwise, you may be facing a lot of liability.